Route Origin Authorization
$ rpki-client -vvf chloe.sobornost.net/rpki/RIPE-nlrssf/mHJKckkfZt6EAJ_ZFhAfYkE5nM8.roa
File: mHJKckkfZt6EAJ_ZFhAfYkE5nM8.roa (raw, json)
Hash identifier: DJdnNH/lCsi+JsbjSRrtMwgkdpdtwsEpGF9XkKx9dAw=
Subject key identifier: 98:72:4A:72:49:1F:66:DE:84:00:9F:D9:16:10:1F:62:41:39:9C:CF
Certificate issuer: /CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Certificate serial: 01AB
Authority key identifier: 71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
Subject info access: rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/mHJKckkfZt6EAJ_ZFhAfYkE5nM8.roa
Signing time: Wed 27 Mar 2024 15:55:04 +0000
ROA not before: Wed 27 Mar 2024 15:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15562
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427 (0x1ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d14ebb255dc058d4bfa5a51c93f73f830ab88f
Validity
Not Before: Mar 27 15:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98724A72491F66DE84009FD916101F6241399CCF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1d:4a:6f:c5:43:07:9e:97:a0:85:5a:d7:40:
9d:a8:72:90:fb:86:78:a9:80:a1:4b:48:ee:51:12:
43:0d:49:68:f6:3b:0b:4f:be:16:74:d1:87:07:b1:
1b:fc:79:ae:b7:e0:80:0f:44:42:95:af:91:ab:8c:
d2:d7:1c:11:13:75:2f:14:b5:5f:94:d0:f0:11:3e:
f1:80:a0:46:52:fd:cc:fd:f4:c3:e0:d5:b8:40:8f:
40:b8:71:83:bb:ed:11:38:e4:c5:7f:65:83:0e:9b:
08:36:e4:a5:98:00:35:88:b1:1a:a1:40:36:87:25:
28:4e:e4:00:bc:21:46:90:d7:49:20:8a:27:4e:cf:
59:68:6c:6e:07:a8:b1:e6:7a:b5:4f:0c:e7:da:0f:
df:d1:0a:2d:b0:f3:6d:21:27:1f:d7:9a:bc:f0:0c:
75:cb:1e:37:4e:b6:f2:37:67:ab:2f:fb:97:ae:18:
e6:00:3a:e0:29:8c:98:c7:cc:35:71:c0:16:57:bb:
38:6f:5c:b9:7e:3a:1c:87:b3:16:f3:3a:eb:14:33:
8c:88:cb:03:86:9b:0d:d6:87:e8:89:9a:ad:22:0c:
36:78:e0:8e:a9:0b:1a:30:37:aa:c4:17:63:c7:11:
ae:03:af:b2:bd:33:be:ec:ed:ba:aa:6e:aa:9e:c9:
9c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:72:4A:72:49:1F:66:DE:84:00:9F:D9:16:10:1F:62:41:39:9C:CF
X509v3 Authority Key Identifier:
keyid:71:D1:4E:BB:25:5D:C0:58:D4:BF:A5:A5:1C:93:F7:3F:83:0A:B8:8F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/cdFOuyVdwFjUv6WlHJP3P4MKuI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdFOuyVdwFjUv6WlHJP3P4MKuI8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://chloe.sobornost.net/rpki/RIPE-nlrssf/mHJKckkfZt6EAJ_ZFhAfYkE5nM8.roa
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
45:fc:4a:68:f3:9f:a0:c1:05:99:be:a4:99:df:00:0e:f9:aa:
56:17:90:0f:cd:5c:22:89:5e:2c:5e:b8:7d:d4:f2:af:c1:0c:
ec:7b:35:9b:fa:ca:be:a1:6b:34:ba:4c:ed:5f:49:83:65:2c:
c3:57:06:d8:71:c1:82:01:c9:9f:2d:90:a7:33:b4:8b:04:56:
92:c0:d9:44:42:6e:a9:67:d7:e2:38:0c:8d:61:79:1d:02:f2:
03:1b:af:f5:ed:44:d2:fa:f8:7a:4d:07:ca:b3:51:64:d9:07:
e1:02:24:53:51:3c:af:cc:4a:f9:dd:85:f7:1b:bc:4f:1b:be:
be:dd:94:99:4a:4d:49:45:1e:e4:02:41:93:c8:98:f2:17:16:
db:fd:b1:a4:26:1c:2b:d9:63:23:8f:c5:21:b6:b0:9a:8c:3f:
e4:97:56:32:52:05:75:cf:66:41:c8:f3:f3:5c:c7:b9:3e:67:
6d:fb:4c:91:f5:f0:a5:d5:d4:27:9b:16:d6:4c:25:62:ab:11:
14:b3:b9:94:da:ee:e8:29:38:ed:21:af:56:9b:e9:5f:f1:8f:
68:ff:eb:75:43:12:10:4c:ba:0f:8f:72:af:75:68:fb:42:35:
78:60:7c:3b:0f:fd:5e:03:69:70:90:98:19:d0:7c:e5:f4:7a:
c9:a2:eb:b0
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgICAaswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzFk
MTRlYmIyNTVkYzA1OGQ0YmZhNWE1MWM5M2Y3M2Y4MzBhYjg4ZjAeFw0yNDAzMjcx
NTU1MDRaFw0yNTA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDk4NzI0QTcyNDkxRjY2
REU4NDAwOUZEOTE2MTAxRjYyNDEzOTlDQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHHUpvxUMHnpeghVrXQJ2ocpD7hnipgKFLSO5REkMNSWj2OwtP
vhZ00YcHsRv8ea634IAPREKVr5GrjNLXHBETdS8UtV+U0PARPvGAoEZS/cz99MPg
1bhAj0C4cYO77RE45MV/ZYMOmwg25KWYADWIsRqhQDaHJShO5AC8IUaQ10kgiidO
z1lobG4HqLHmerVPDOfaD9/RCi2w820hJx/XmrzwDHXLHjdOtvI3Z6sv+5euGOYA
OuApjJjHzDVxwBZXuzhvXLl+OhyHsxbzOusUM4yIywOGmw3Wh+iJmq0iDDZ44I6p
CxowN6rEF2PHEa4Dr7K9M77s7bqqbqqeyZxXAgMBAAGjggG+MIIBujAdBgNVHQ4E
FgQUmHJKckkfZt6EAJ/ZFhAfYkE5nM8wHwYDVR0jBBgwFoAUcdFOuyVdwFjUv6Wl
HJP3P4MKuI8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL2NobG9lLnNvYm9ybm9zdC5uZXQvcnBraS9SSVBFLW5scnNz
Zi9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jZEZPdXlWZHdGalV2NldsSEpQM1A0TUt1STguY2VyMA4GA1UdDwEB
/wQEAwIHgDBoBggrBgEFBQcBCwRcMFowWAYIKwYBBQUHMAuGTHJzeW5jOi8vY2hs
b2Uuc29ib3Jub3N0Lm5ldC9ycGtpL1JJUEUtbmxyc3NmL21ISktja2tmWnQ2RUFK
X1pGaEFmWWtFNW5NOC5yb2EwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADC
aIEwDQYJKoZIhvcNAQELBQADggEBAEX8Smjzn6DBBZm+pJnfAA75qlYXkA/NXCKJ
XixeuH3U8q/BDOx7NZv6yr6hazS6TO1fSYNlLMNXBthxwYIByZ8tkKcztIsEVpLA
2URCbqln1+I4DI1heR0C8gMbr/XtRNL6+HpNB8qzUWTZB+ECJFNRPK/MSvndhfcb
vE8bvr7dlJlKTUlFHuQCQZPImPIXFtv9saQmHCvZYyOPxSG2sJqMP+SXVjJSBXXP
ZkHI8/Ncx7k+Z237TJH18KXV1CebFtZMJWKrERSzuZTa7ugpOO0hr1ab6V/xj2j/
63VDEhBMug+Pcq91aPtCNXhgfDsP/V4DaXCQmBnQfOX0esmi67A=
-----END CERTIFICATE-----
Generated at Wed Mar 27 22:50:51 2024 by rpki-client on console-ams.rpki-client.org